Wireless telecommunications terminals (e.g., cell phones, personal digital assistants [PDAs] with wireless capabilities, notebook computers with wireless capabilities, etc.) are increasingly being used in the workplace for job-related tasks. Some enterprises have deployed software applications that execute on a server and can be accessed by workers via their wireless terminals. Such applications are commonly referred to as wireless web-based applications or wireless client/server applications, depending on whether or not a browser is used as the user interface on the wireless terminals.
In some domains, such as health care, it is especially convenient for workers to use hands-free wireless terminals so that using the wireless terminal does not interfere with their other job duties. When a hands-free wireless terminal is used to access a wireless client/server application, typically the user issues voice commands in lieu of keypad inputs and receives audio responses in lieu of a video display.
FIG. 1 depicts illustrative telecommunications system 100 in the prior art. As shown in FIG. 1, telecommunications system 100 comprises telecommunications network 105, hands-free wireless terminal 110, and server 120, interconnected as shown.
Telecommunications network 105 is a network that comprises one or more wireless elements (e.g., wireless access points, wireless base stations, etc.) and is capable of transporting signals between server 120 and other devices, such as hands-free wireless terminal 110.
Hands-free wireless terminal 110 is a device that is typically worn on a user's person (e.g., clipped to one of the user's ears, etc.) and is capable of wirelessly transmitting and receiving electromagnetic signals to and from telecommunications network 105 via a wireless transceiver; of receiving voice inputs and converting them to electromagnetic signals via a microphone; and of converting electromagnetic signals to acoustic signals and outputting the acoustic signals to the user via a speaker.
Server 120 is a data-processing system that is capable of executing one or more software applications and of receiving and transmitting signals via telecommunications network 105.
In some instances it is desirable for security reasons to require that users are authenticated before being allowed to access an application or other resource on a server. Typically a user is presented with an authentication challenge, and the user must supply a valid response to the challenge. A classic challenge/response mechanism, colloquially referred to as “logging in,” is to prompt a user to respond with his or her username and password. This mechanism is not well-suited for hands-free wireless terminals, however, because it requires that a user say his username and password aloud, and it is often difficult for the user to ensure that no one else overhears this information.
Other authentication techniques of the prior art are also poorly suited to hands-free wireless terminals. In one such technique, a user uses an electronic token device or a list of numbers to respond to an authentication challenge with a one-time password response. While this eliminates the problem of the password being overheard, it requires the user to carry around and consult the token device or list, thereby largely negating the advantage of having a hands-free terminal. In another technique, speaker recognition, a user is authenticated by comparing his or her speech to a database of known speakers. The disadvantages of speaker recognition are two-fold: first, it suffers from high error rates—particularly in the noisy environments that typically predominate in workplaces—and second, it is possible for another person to record a user's voice and play back the recording to impersonate the user.
Therefore, what is needed is a secure authentication technique for hands-free wireless terminals that overcomes some of the disadvantages of the prior art.